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DOCUMENT-IDENTIFIER: US 6182229 Bl 

TITLE: Password helper using a client-side master password which automatically 
presents the appropriate server-side password in a particular remote server 

Brief Summary Text (11) : 

In one embodiment, the remote servers are controlled access WWW sites . The client 
system, coupled to the remote servers via the Internet, includes a WWW browser. The 
WWW browser is extended in accordance with the invention to incorporate special 
capabilities for assisting the user with accessing WWW sites which require 
authentication. No modification to the remote servers is required in this 
embodiment . 

Brief Summary Text (12): 

A WWW browser modified in accordance with the invention may maintain a password 
database that includes entries holding the URL, encrypted user ID, and encrypted 
password for a plurality of remote sites. When a new browsing session begins, the 
WWW browser may prompt the user for the master password upon the start of a new 
browsing session and store it. Then, when an authentication request message is 
received from a remote site that the user is seeking to access, the browser scans 
the password database for the URL of that remote site. If an entry is found, the 
browser decrypts the password and user ID and forwards them to that remote site. 
This can all occur without presenting the usual authentication form to the user. 
For enhanced security, instead of storing the master password, the browser may 
prompt the user for it every time it is needed. 

Detailed Description Text (7) : 

The present invention provides a system for managing password access to a plurality 
of remote servers such as remote web sites . This password management system is 
preferably implemented as an applet, e.g., a segment of executable computer code 
downloadable from a network and executed as part of a larger program, to be used in 
conjunction with Hot Java. RTM. or other Java-enhanced browsers. Of course, the 
password management features of the present invention could also be directly 
incorporated into a browser program. The remote servers need not be modified to 
provide these features. 

Detailed Description Text (11) : 

For enhanced security, the user can choose by, e.g., setting a preference, to never 
store the master password and step 304 is skipped. Instead, the user is prompted 
for the master password whenever it is needed. This provides enhanced security in 
that unauthorized persons will not be able to access remote sites when client 
computer system 10 is left unattended with its browser software running. 

Detailed Description Text (15) : 

The user now has access to the remote web site . The user is preferably not even 
made aware of the authentication steps. If the user now selects a second controlled 
access web site, the process depicted in FIG. 3 repeats. 

Detailed Description Text (30) : 

The present invention is not limited to the WWW or the Internet. Remote servers 
could be identified within a password database with identifiers other than their 
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URLs. A database of dial-up bulletin boards could be maintained with telephone 
numbers identifying each remote server. A mixed database could also be maintained 
including both web sites and other remote servers requiring passwords for access . 
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